A little over 15 years after it was first conceptualised by the Atal Bihari Vajpayee-government, India’s controversial DNA profiling Bill is set to be introduced in parliament this session.
The Bill, which will create “special databanks” to hold “DNA profiles”, which will help law enforcement agencies in forensic-criminal investigations, has followed a winding road over the last few years.
Last year, the Law Commission submitted the final version of the Bill – officially called the DNA-Based Technology (Use and Regulation) Bill, 2018 – to the government after having “thoroughly examined” an earlier draft forwarded by the department of biotechnology.
While the government insists that the move is to merely expand the “application of DNA-based forensic technologies to support and strengthen the justice delivery of the country”, activists and civil society stakeholders have criticised the project, saying that the Centre has ignored privacy and security concerns.
With the Bill set to be introduced in the Rajya Sabha this parliamentary session, The Wire breaks down the issues at stake and why it should be referred to a standing committee to resolve existing problems.
Reason 1: Puttaswamy judgement and Srikrishna report
The DNA Bill was not examined, either by the government or the Law Commission, in the context of two recent and important privacy-related developments.
The first is the ‘right to privacy’ judgement, or Puttaswamy vs Union of India, which came out in August 2017 and held that all Indians enjoy a fundamental right to privacy. The judgement – which overruled verdicts given in the M.P. Sharma case of 1958 and the Kharak Singh case of 1961 – ruled that the right to privacy is intrinsic to life and liberty and thus comes under Article 21 of the constitution.
The Law Commission, which finished its deliberations by July 2017, a month before the right to privacy was guaranteed, could not consider or ensure that it worked in the full import of the Puttaswamy judgement into the Bill.
In fact, the Law Commission’s report makes multiple mentions to (at the time) the impending privacy judgement.
At one point it makes reference to M.P. Sharma and Kharak Singh and notes that the court has “referred the matter to a larger bench for authoritative interpretation of law on the issue”.
At another point, in the ‘conclusions’ section of its report, the Law Commission acknowledges that the 2017 Bill “provides provisions intended to protect the right to privacy”, but grimly states that in India, it is a “matter of academic debate” as to whether privacy is an integral part of Article 21 of the constitution.
As we know now, it is indeed an integral part of Article 21 and has been upheld by the Supreme Court. Why does this matter? It is crucial, because as privacy experts point out, the 2017 Bill still hasn’t tightly defined on how exactly DNA profiling can be used and is missing a “number of safeguards that would enable individual rights”. A parliamentary standing committee would do well to see how well the DNA Bill conforms to the Puttaswamy judgement.
The second context in which the Bill must be examined is the Justice Srikrishna report which is yet to be released. This report, which has been delayed, will provide a framework for data protection and privacy and hopefully lay down foundational principles on how public and private entities must treat an individual person’s data.
It seems more than a little puzzling that the Narendra Modi government is intent on pushing through a DNA profiling Bill that has security and privacy risks without first enacting data protection legislation.
As experts have noted, the 2017 law commission Bill claims that it has used the 13 CODIS (combined DNA index system) profiling standard in the drafting of the Bill as a way of protecting privacy, but has left the “defining of privacy and security safeguards to actual regulation”. Or in other words, the CODIS standard is not in the text of the Bill and will be left to government regulation. This has a host of implications for how DNA information is used, the confidentiality of data and the timely removal or deletion of a person’s biological data.
Reason 2: Is India’s law enforcement system ready?
While the DNA Bill originated in the Ministry of Science and Technology, its actual use and utility lies with India’s law enforcement agencies. In this context, it is odd that the DNA Bill hasn’t been subjected to an in-depth review by the home affairs ministry or law enforcement agencies.
While both parties appear to have replied in brief to a few issues surrounding the Bill in the Supreme Court, in response to a PIL petition filed by the Lokniti Foundation, that is not nearly enough.
While DNA profiling and testing have been used before in criminal investigations in India, the lack of proper infrastructure and technical know-how has restricted it from being used in a widespread or effective manner.
As at least one member of the expert committee that reviewed the 2012 version of the DNA profiling Bill noted, the way local police and law enforcement agencies interact with and collect samples is of paramount importance.
There are risks of contamination, risks in the chain of custody and risks in how the crime site is treated.
Indian police investigations have been sharply criticised for their shoddy forensic techniques. What is further worrying is that the home ministry only recently circulated a set of guidelines on how investigating officers should “search crime scenes and scientifically collect, store and transport DNA samples in criminal cases”.
If the Bill was referred to a standing committee, it could assess the state of readiness of India’s police and whether that would make the DNA Bill a good or bad idea. Specifically in the context of whether the law enforcement system is equipped to handle it in a secure and responsible manner. After all, the implications of being found on the database are serious.
Reason 3: How much is this going to cost?
Like most large-scale technological systems in India, the proposed DNA database project too has suffered from the lack of a cost-analysis study.
All bills need to be accompanied by a financial memorandum.In this case, as The Wire has rigorously analysed, the estimated costs of setting up the infrastructure, collecting and storing the samples, and the accompanying operational costs could come up to Rs 3,000 crore. These are based on the costs used in setting up a similar system in the United Kingdom.
The Indian government, however, has maintained that the whole project will cost only Rs 20 crore.
This, on the face of it, appears to be a ridiculous under-estimate. As The Wire has shown, the cost of just acquiring the DNA samples from people arrested in India on criminal charges alone could be over Rs 1,800 crore.This figure is based on costs put out by the India’s nodal DNA profiling agency, the Centre for DNA Fingerprinting and Diagnostics (CDFD).
Is the government drastically under-estimating how much this system will cost? Will a underfunded budget compromise on issues of privacy and security? A standing committee should look at this and more.
Reason 4: Caste, fidelity and silo-linking
Civil society stakeholders have maintained over the years that the new system should not further contribute to the institutional bias that is already present in the existing DNA identification.
For example, the CDFD already asks for the caste of the suspect during the collection of the DNA sample.
Law enforcement techniques that involve the use of DNA technology often rely on the practice of ‘cold hits’, where DNA databases are searched even if there isn’t an investigative lead. This practice, combined with the reliabilities that come with DNA testing, prove to be deadly for already vulnerable populations (Dalit communities) that are at increased risk of police bias.
A standing committee should look into this before any law is passed and before any database can be created.